New config options to address bug 251:

FetchServerDescriptors and FetchHidServDescriptors for whether
to fetch server info and hidserv info or let the controller do it,
and also PublishServerDescriptor and PublishHidServDescriptors.

Add AllDirActionsPrivate undocumented option -- if you set it, you'll
need the controller to bootstrap you enough to build your first circuits.


svn:r6047

6 files changed, 25 insertions, 0 deletions

diff --git a/src/or/config.c b/src/or/config.c
index e9449c0d42..c5ff212a8b 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -125,6 +125,7 @@ static config_var_t _option_vars[] = {
   VAR("AccountingMaxKB",     UINT,     _AccountingMaxKB,     "0"),
   VAR("AccountingStart",     STRING,   AccountingStart,      NULL),
   VAR("Address",             STRING,   Address,              NULL),
+  VAR("__AllDirActionsPrivate",BOOL,   AllDirActionsPrivate, "0"),
   VAR("AllowUnverifiedNodes",CSV,      AllowUnverifiedNodes,
                                                         "middle,rendezvous"),
   VAR("AssumeReachable",     BOOL,     AssumeReachable,      "0"),
@@ -158,6 +159,8 @@ static config_var_t _option_vars[] = {
   VAR("FascistFirewall",     BOOL,     FascistFirewall,      "0"),
   VAR("FirewallPorts",       CSV,      FirewallPorts,        ""),
   VAR("FastFirstHopPK",      BOOL,     FastFirstHopPK,       "1"),
+  VAR("FetchServerDescriptors",BOOL,   FetchServerDescriptors,"1"),
+  VAR("FetchHidServDescriptors",BOOL,  FetchHidServDescriptors, "1"),
   VAR("Group",               STRING,   Group,                NULL),
   VAR("HardwareAccel",       BOOL,     HardwareAccel,        "0"),
   VAR("HashedControlPassword",STRING,  HashedControlPassword, NULL),
@@ -197,6 +200,8 @@ static config_var_t _option_vars[] = {
   VAR("PathlenCoinWeight",   DOUBLE,   PathlenCoinWeight,    "0.3"),
   VAR("PidFile",             STRING,   PidFile,              NULL),
   VAR("ProtocolWarnings",    BOOL,     ProtocolWarnings,     "0"),
+  VAR("PublishServerDescriptor",BOOL,  PublishServerDescriptor,"1"),
+  VAR("PublishHidServDescriptors",BOOL,PublishHidServDescriptors, "1"),
   VAR("ReachableAddresses",  LINELIST, ReachableAddresses,   NULL),
   VAR("ReachableDirAddresses",LINELIST,ReachableDirAddresses,NULL),
   VAR("ReachableORAddresses",LINELIST, ReachableORAddresses, NULL),
diff --git a/src/or/directory.c b/src/or/directory.c
index 7543144f0d..8ebe66e6d4 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -111,6 +111,8 @@ dir_policy_permits_address(uint32_t addr)
 static int
 purpose_is_private(uint8_t purpose)
 {
+  if (get_options()->AllDirActionsPrivate)
+    return 1;
   if (purpose == DIR_PURPOSE_FETCH_DIR ||
       purpose == DIR_PURPOSE_UPLOAD_DIR ||
       purpose == DIR_PURPOSE_FETCH_RUNNING_LIST ||
@@ -171,6 +173,10 @@ directory_get_from_dirserver(uint8_t purpose, const char *resource,
   int need_v2_support = purpose == DIR_PURPOSE_FETCH_NETWORKSTATUS ||
                         purpose == DIR_PURPOSE_FETCH_SERVERDESC;
 
+  if (!options->FetchServerDescriptors &&
+      (need_v1_support || need_v2_support))
+    return;
+
   if (directconn) {
     if (prefer_authority) {
       /* only ask authdirservers, and don't ask myself */
diff --git a/src/or/or.h b/src/or/or.h
index 189f39a681..eee2c80db5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1270,6 +1270,13 @@ typedef struct {
                                    * versions? */
   int ClientOnly; /**< Boolean: should we never evolve into a server role? */
   int NoPublish; /**< Boolean: should we never publish a descriptor? */
+  int PublishServerDescriptor; /**< Do we publish our descriptor as normal? */
+  int PublishHidServDescriptors; /**< and our hidden service descriptors? */
+  int FetchServerDescriptors; /**< Do we fetch server descriptors as normal? */
+  int FetchHidServDescriptors; /** and hidden service descriptors? */
+  int AllDirActionsPrivate; /**< Should every directory action be sent
+                             * through a Tor circuit? */
+
   int ConnLimit; /**< Demanded minimum number of simultaneous connections. */
   int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */
   int RunAsDaemon; /**< If true, run in the background. (Unix only) */
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 82be7f0d84..37d462d981 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -252,6 +252,8 @@ rend_client_introduction_acked(circuit_t *circ,
 void
 rend_client_refetch_renddesc(const char *query)
 {
+  if (!get_options()->FetchHidServDescriptors)
+    return;
   if (connection_get_by_type_state_rendquery(CONN_TYPE_DIR, 0, query)) {
     log_info(LD_REND,"Would fetch a new renddesc here (for %s), but one is "
              "already in progress.", safe_str(query));
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 5124f93dba..4d783a5d25 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1060,6 +1060,9 @@ rend_consider_services_upload(time_t now)
   rend_service_t *service;
   int rendpostperiod = get_options()->RendPostPeriod;
 
+  if (!get_options()->PublishHidServDescriptors)
+    return;
+
   for (i=0; i < smartlist_len(rend_service_list); ++i) {
     service = smartlist_get(rend_service_list, i);
     if (!service->next_upload_time) { /* never been uploaded yet */
diff --git a/src/or/router.c b/src/or/router.c
index f32339bb77..e1be3efd50 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -695,6 +695,8 @@ router_upload_dir_desc_to_dirservers(int force)
     log_warn(LD_GENERAL, "No descriptor; skipping upload");
     return;
   }
+  if (!get_options()->PublishServerDescriptor)
+    return;
   if (!force && !desc_needs_upload)
     return;
   desc_needs_upload = 0;